Blockchain technology is a very secure technology, but it is not perfect, and one of the attacks that can affect this type of network is the Sybil Attack. This is a curious vulnerability that can have a major impact on blockchain networks, allowing the attacker to have a greater presence on the network by taking false identities for themselves.
En the world of cryptocurrencies, and technology blockchain there are many known attacks and vulnerabilities and one of them is the Sybil attack. A Sybil Attack refers to when a system is violated by an entity that controls two or more different identities in a network. That is, when a person controls two or more points that are supposed to belong to different people or identities.
The name of Sybil Attack comes from the book "Sybil", a work of the well-known writer Flora Rheta Schreiber. In this book, Sybil Dorsett, a young woman who suffers from dissociative identity disorder (DID), a psychological disorder that leads a person to create several different identities of himself.
It is precisely this fact, which would be occurring in this type of computer attack on a distributed network. Only instead of being a person, in this case we would speak of nodes that seem to act independently but are under the control of the same person. However, it was not until 2002, when Brian zill a well-known computer scientist working for microsoft suggested the name for a a job of John R. Douceur. Douceur who is another Microsoft researcher, describe these types of attacks as part of their research work.
In this sense, we can summarize that A Sybil Attack is nothing more than an attack where a person tries to take control of the network by creating multiple accounts, nodes. or computers, which are their property. All this while showing that each of its points is a different identity to avoid raising suspicions.
But how can this type of attack affect blockchain technology and cryptocurrencies? What steps are taken to prevent this? Well, all this and much more we will see below.
Impact of a Sybil Attack on a blockchain network
The impact of a Sybil Attack on a blockchain network is primarily focused on getting undue influence on the decisions made on the network. For this, the user creates and controls many pseudonyms that allow him to put this influence into practice. As a result, the malicious actor achieves disproportionate control over network decisions.
Let's take an example to see this more easily. In networks like Bitcoin many of the decisions that affect its operation are put to the vote. Voting allows miners and those who maintain network nodes to vote for or against a proposal that is made. Now, if a malicious actor made several identities on the network, he could vote as many times as identities he has under his control. A situation that is contrary to everything desirable and that would put the rest of those who participate at a disadvantage.
But not only that, a Sybil attack can also control the flow of information on the network. For example, a Sybil attack in Bitcoin can be used to obtain information about the IP addresses of the users who connect to the network. This is a situation that puts the security, privacy and anonymity of network users at risk. It sounds impossible, but a Sybil attack on BItcoin is capable of making this happen. The only thing that the attacker would need is to have control of several nodes in the network and begin to collect the information from them for an analysis that allows them to obtain all this information.
The situation reaches its peak, if the attacker, in addition to obtaining this information, implements active censorship. A fact that would prohibit users from making legitimate use of the network whenever they want.
How is a Sybil Attack Performed?
In principle we believe that technology has allowed us to have a safer world. To some extent this is true, but the technology is not perfect and there are vectors to violate all kinds of systems. In this sense, we can say that absolute security does not exist. And in all of this, the Sybil Attack is a good example.
For example, the peer-to-peer systems (P2P) They base their operation on a decentralized and distributed network. One in which each node of the network is managed by different identities scattered around the world. This fact makes their networks complex to attack and compromise in their entirety. This resistance level is perfect for critical systems and is the reason why blockchain and cryptocurrencies use it. After all, they are secure, stable, scalable, censorship resistant, and highly available.
However What if the enemy is posing as a friend and multiplies itself in the network using false identities? This is precisely a Sybil Attack, and the first to describe it was John R. Douceur.
Douceur's idea is simple and can be summarized as follows:
A P2P system can be violated, if a large part of its nodes (which are supposed to be secure and belong to different people), are actually controlled by the same person who remains in the shadows.
Depending on the P2P system this can mean large investments, such as Bitcoin where mining hardware must be purchased in order to affect the network. In other systems, the expense could be practically nil. For example, those where their decisions are made by vote of those who are part of the network. In these cases, the attacker could create thousands of fake accounts controlled by the same individual and influence network decisions.
In all cases, the vehicles or forms of attack vary depending on the network and its operating structure.
Example of a Sybil Attack
An example of Sybil Attack can be seen in the network violation Tor. This network works based on a P2P model in which its nodes guarantee that you can surf the internet anonymously. However, it is possible that a malicious or surveillance entity (such as the NSA) can pass tens, hundreds or thousands of nodes as trustworthy, completely violating the security of the same. This is because the input and output nodes would be controlled by the NSA and in this way it could monitor the network traffic of all those who make use of these compromised nodes.
This example of attack is more than practical than theoretical. In fact, in 2014 the Tor network was the victim of such an attack.
Are blockchain networks susceptible to a Sybil Attack?
Yes, blockchain networks are susceptible to this type of attack. But each network is unique in this regard. This is because each blockchain takes its own security measures to protect itself from this type of vulnerability. Remember that Sybil attacks are not unknown at all. Against this, developers take measures to protect the network and its users.
One of the most important measures at this point is the chain of trust. In Bitcoin for example, the blockchain and its history is distributed among all its nodes. They all have the same accounting book, and if only one of them tries to change it, it is simply rejected. Thus when a node begins to synchronize on the network, it takes data from various sources. It collates the information from all of them and if any of the nodes tries to change any data in any way, it is simply rejected and an attempt is made to take the data from another reliable node.
This method protects Bitcoin from this type of attack making it very difficult and exposing those malicious nodes. In fact, in 2015 such an event took place in Bitcoin. Back then, the Chainalysis company was aggressively seeking to obtain information from all nodes. The attempt was detected by the community and later analyzed by Gregory Maxwell, a major Bitcoin developer.
Also networks like Ethereum, Bitcoin Cash, Dash and even GRIN they are susceptible to this type of attack. Of course, each of them with their own particularities.
How to prevent this type of attack?
Sybil Attacks are not something that we as users can handle. In fact, measures to prevent them are on the part of the developers of P2P networks. Among the most used measures to prevent this type of attack we can mention:
- Use validation and chain of trust systems. This allows attackers to be ruled out and even disable the use of network resources for malicious purposes.
- Use consensus protocols that imply a cost per identity or access to network resources. In this way, any action carried out in the network would have an associated cost and this would multiply in proportion to the usurped identities. While it doesn't prevent Sybil Attack, doing it expensive limits its potential.
- Another way to prevent this type of attack can be found in creating a reputation system. Basically this system gives more power to those users who have more time on the network, demonstrating good behavior. That is, it turns the blockchain network into a meritocratic network, where power is handed over to the one who has the most merit. At the same time, power in new users is reduced. In this way, if an attacker creates hundreds or thousands of new accounts, their total power will never reach a level relevant to the network. This is because the system is in charge of balancing the potential of each new account to reduce it as opposed to those with more time.